<?php
session_start();
include("../includes/conection.php");


// Insert action
if(isset($_GET['id']) && $_GET['id']==null){
	
	//echo pathinfo($filename, PATHINFO_EXTENSION);exit();
	
	$firstName = $_POST['firstname'];
	
	$lastName = $_POST['lastname'];
	$email = $_POST['email'];
	$dob = $_POST['date_of_birth'];
	$user= $_POST['user_name'];
	$pass= md5($_POST['user_pass']);
	
	if(!empty($_FILES["photo"]["tmp_name"])){
		$newFilename = uploadFile($user);
	}
	
	
	$sql="INSERT INTO tbl_students (user_name,user_password,stu_first_name,stu_last_name,stu_sex,stu_telephone,stu_date_of_birth,stu_email,stu_photo)
	VALUES
	('$user','$pass','$firstName','$lastName','$_POST[sex]','$_POST[phone]','$dob','$email','$newFilename')";
	
	if (!mysql_query($sql,$con))
	  {
	  die('Error: ' . mysql_error());
	  }
	  
// Update action
}elseif(isset($_GET['id']) && !isset($_GET['action']) && $_GET['id']!=null){
	
	if(!empty($_FILES["photo"]['tmp_name'])){
		$user= $_POST['user_name'];	
		$newFilename = uploadFile($user);
		
		mysql_query("UPDATE tbl_students SET
						stu_first_name='".$_POST['firstname']."',
						stu_last_name='".$_POST['lastname']."',
						stu_sex='".$_POST['sex']."',
						stu_date_of_birth='".$_POST['date_of_birth']."',
						stu_telephone='".$_POST['phone']."',
						stu_email = '".$_POST['email']."',
						stu_photo='".$newFilename."',
						stu_date_modified=now()
						WHERE stu_id=".$_GET['id']) or die(mysql_error());
	}else{
		mysql_query("UPDATE tbl_students SET
						stu_first_name='".$_POST['firstname']."',
						stu_last_name='".$_POST['lastname']."',
						stu_sex='".$_POST['sex']."',
						stu_date_of_birth='".$_POST['date_of_birth']."',
						stu_telephone='".$_POST['phone']."',
						stu_email = '".$_POST['email']."',
						stu_date_modified=now()
						WHERE stu_id=".$_GET['id']) or die(mysql_error());
	}

	



//Delete data
}elseif(isset($_GET['action']) && $_GET['action']=='delete'){
		mysql_query("DELETE FROM tbl_students 
								WHERE stu_id=".$_GET['id']) or die(mysql_error());

}
if(isset($_GET['action']) && $_GET['action']=='logout'){
	if(isset($_COOKIE["user"])){
		
		$cookie_time = (3600 * 24 * 30); // 30 days
		setcookie ("user","", time()- $cookie_time);
		unset($_COOKIE['user']);		
		//echo ($_COOKIE['user']);exit();
	}
	
	unset($_SESSION['SESS_MEMBER_ID']);
	unset($_SESSION['SESS_MEMBER_NAME']);
	//echo $_COOKIE["user"];exit();
	//echo "test"; exit();
	
	//echo $_SESSION['SESS_MEMBER_ID'];exit();
}

function uploadFile($userName){
	
		$rawFilename = $_FILES["photo"]["name"];
		
		$fileExtension = pathinfo($rawFilename, PATHINFO_EXTENSION);
		$newFilename = $userName.".".$fileExtension;
		
		include_once("image_upload_script.php");
		
		return $newFilename;
}

mysql_close($con);



header("location:../index.php");




?> 